It’s difficult to imagine Google and Facebook as victims but apparently they have both been bamboozled into doling out $100 million in a phishing scam.
According to an exclusive report on a Forbes.com, the de facto owners of the worldwide web were both tricked into spending tens of millions of dollars by an enterprising Lithuanian man, Evaldas Rimasauskas.
The alleged cyber crimbo pretended to be the Taiwanese computer parts manufacturer Quanta Computer, according to a report on Fortune.com. Google, Facebook, and Apple are among the company’s clients.
Rimasauskas conducted his fraud between 2013 and 2015, using bank accounts in Latvia and Cyprus opened in Quanta’s name and allegedly used false invoices to trick Facebook and Google into paying into them.
But he was eventually tracked down by the Federal Bureau of Investigation and the US Justice Department has now charged him with fraud.
In a statement, Joon Kim, acting US Attorney for the the Southern District of New York, said: “From half a world away, Evaldas Rimasauskas allegedly targeted multinational internet companies and tricked their agents and employees into wiring over $100 million to overseas bank accounts under his control.”
Kim added: “Evaldas Rimasauskas carried out a business email compromise scheme creatively targeting two very specific victim companies. He was initially successful, acquiring over $100 million in proceeds that he wired to various bank accounts worldwide.”
The monies involved have now been recovered by the companies but the spectre of large-scale online fraud remains, with an increasing number falling victim to scammers.
If Google and Facebook can be scammed, so can everyone else. “This case should serve as a wake-up call to all companies – even the most sophisticated – that they too can be victims of phishing attacks by cyber criminals,” said Kim.
In this instance, the alleged perpetrator has been caught, probably because the sums involved were quite large, but in many other situations where the amounts stolen are much smaller, fraudsters can get away with it.
Phishing scams involving fake suppliers are said to be huge. One insider at the US Attorney’s Office said there is “plague of these kind of companies” which operate phishing scams.
“Criminals continue to commit a wide variety of crimes online, and significant cyber data breaches have had a negative impact across a variety of industries,” said Kim.
Rimasauskas has denied the allegations levelled against him, and his lawyers have issued a statement in which they called for him to be tried in Lithuania, and not the US, where is unlikely to get a fair trial, according to them.
In correspondence with Fortune, Rimasauskas’ lawer said: “Mr. Rimasauskas cannot expect a fair and impartial trial in the USA. The uncertainty is further increased taking into account the behavior of FBI agents during the interrogations of Mr Rimašaukas, frightening him with long years in US prisons, and the transfer of computers to US law enforcement officials, which was made without the presence of the owner.”